Exchange Online and Hybrid: How to capture/export last usage of Distribution List?

Distribution Groups

Hey everyone, how are you doing? So today’s topic is about how to capture last usage of distribution list. We encounter when we need to do clean up on the groups but imagine if you have thousand of groups that you have to check with the owners whether that the group is in use/active, sounds ridiculous right?

So I came across with this request and manage to found a very good reference on achieving this request.

Make sure you have PowerShell on your workstation to get the following result. Launch your PowerShell as Administrator because you need it.

#Import the module
Import-Module ExchangeOnlineManagement

#Connect to Exchange Online
Connect-ExchangeOnline -Credential $usercredential

#Retrieve list of distribution list
$DistributionList = Get-DistributionGroup -ResultSize unlimited

#Get the message trace function to capture the last usage, a delay is needed to not stress of the throttling
$DistributionList | %{Get-MessageTrace -RecipientAddress $_.primarysmtpaddress ; write-host (“Processed Group: ” + $_.primarySMTPAddress) ; Start-Sleep -Milliseconds 500} | export-csv -Path C:\<filename>.csv –Append 

References:

  1. https://docs.microsoft.com/en-us/archive/blogs/timmcmic/office-365-create-a-report-of-distribution-group-usage
  2. https://docs.microsoft.com/en-us/powershell/exchange/connect-to-exchange-online-powershell?view=exchange-ps

My harsh experience in toxic environments.

Deep inside me wanted to write a blog post about my harsh experience in a toxic environment. My purpose of writing this blog post is to warn and show the pros and cons of experience being in toxic environments.

This was during the year 2017 – 2018, I was only 22 or 23 years old, fresh graduate student. Young, innocent and bright person seeking to explore the new unknown world. It was this experience that made me took a step back and a big step forward. When my parents told me that the world is cruel and I didn’t know what it actually means. Hence, it drives me curious to know what is in this new world. Thus, I start working right after I graduated.

The first few months of work was going well until, closer to the end of the year, I was placed under an unexpected task from another team project. I had to put my project low priority which wasn’t fair to my customer. I was too kind to pick that task up and there where the bad situation happen. I got to know that, it was an abandon task that not a single person from the team would want to take it up. I have no idea how are the people at that environment and not a single responsible person of that project was there to assist me. On the first day onsite, there were many hurtful comments, whispering about my physical appearance. Actually it hurts a little but I just ignore it because my purpose there was to complete the task. Racist is everywhere is not uncommon.

After completed my task, I went on to continue my project. A few days later, I got a call from my boss that they need an emergency deployment within 24 hours, I was surprise and angry because I can see that I was being used. I had no choice to have to work 2 different projects deployment on the same day, just to keep my project on-track too. I could not risk my timeline of my project for others people project. It was all about money to the company. It opens my eyes that this is not the company that I want to grow with, and I resigned. That sums up my 2017 year.

Well, I understand that my physical appearance gave many the perception that “She can never do it“. Being petite, has never got to do with my talent.

In 2018, I joined a new company. It was a startup company and I was warn that working for startup, there are more sacrifices to be made. I understand that statement because of me wanting to gain this new experience and I accepted the offer. After the few months of journey, I understand that as a startup company, financial sustainability was important.

I was placed in a project. This experience by far the worst of the worst, it took a toll on my health. Could you believe that? Me a 23 year old, having health problems already. I could never able to tell my parents. No parents wants to see their kids suffer in health. I could only tell to my friends.

It was my first time having to faced managers from different departments in a meeting. They were all selfish, rude, disrespectful and fake. University never trained us to deal with such people. I was only working for the company and by means that I always “bow” to get things done but for this round, “bow” is not the answer. The “N” number of times of me getting scold at and chop at. Thus, hurt my mental health and physical health, liver problem. Being put into such mental stress that I had also fall into deep depression, I could not eat well, I could not sleep well. My life was work, eat, and sleepless.

I had times thought of resigning and abandon this project. However, deep inside me, a tiny voice told me that if I failed this challenge I can never succeed in future. I was being played all along by them, it was all a game. To play this game and to win was “courage” to say “No”. When I start to use “courage”, I can see that I was wining the game. It was “courage” what scares them. After I got that project close, I can sleep peacefully and took days off.

It was the person that I trusted placed me into this situation. He apologies and I forgive him. The trust was broken, he was seen as my enemy, I felt bad because deep down, he has not broken any promises yet. Appreciation was awarded fairly. This experience form a trauma in me, took me awhile to build back the trust.

The pros for experienced such toxic environment, is that in future I would know how to deal with these kind of people. I learn that I have the rights to say “No”.

The cons for experienced such toxic environment, is that I start to see everyone are my enemies, I can never trust anyone. I become highly defensive. I hurt good people that I never wanted to. Health takes a toll.

It took me awhile to see that not everyone are enemies and I apologies to those good people. I have to thanks to my parents and friends that help me through this tough times.

If you are experiencing challenge, do talk to someone that you feel comfortable to talk about your situation. Do know your limit, if you can take up the challenge then go ahead. If you can’t it is still alright. Talent can be grow and groom in many ways.

There will be no more toxic work experience in my life, I would not want to work to die.

aOSKL 2020: How secure your endpoint protection?

Hey guys and girls, hope you are having a good day. I know is Monday Blues, I was having the blue mood this morning, not a good way to start the new day. Anyway, Covid-19 is still high alert in our area, it went from 600 to 800 users per day affected. Please don’t travel as a huge group, stay concern about people around you.

Is almost end of 2020, and here is another event that I am going to speak at, virtually of course. This is my 3rd year speaking at aOS Community event. Every year is a new experience and meeting new people in this event.

This year event, I’m going to talk about Endpoint Protection. Do register yourself if you are interested in this event.

Peace Out!

Exchange Online and PowerShell: How to extend Max Sent Size for your users in bulk?

Hey Guys and girls hope you all are taking care of your health and staying safe during this Covid-19 situation.

So here is just a simple blog post that I’m going to write about, if you are going to do some big changes towards your user’s mailbox features, of course PowerShell is the right method to perform.

As you may know that Microsoft have extend the max size of send message to 150MB, this is not default size but is a allow size for your necessary.

Here is the code;

#First you got to connect to the Exchange Online PowerShell to get the commands

Connect-ExchangeOnline -UserPrincipalName <Global admin UPN> -ShowProgress $true

#You would want to get the primary ID which is the recipient type details because you are going to make changes on the user mailboxes, this code will gather all mailboxes that are UserMailbox type and the change will take in.

Get-Mailbox -RecipientTypeDetails UserMailbox | Set-Mailbox -MaxSendSize 50MB -Verbose

#Next to get confirmation that all users has apply the change, write out the result or you could export it to csv, using the Export-Csv command

Get-Mailbox -RecipientTypeDetails UserMailbox | Select Name,MaxSendSize

That is about it! Simple as that!

References:

  1. https://docs.microsoft.com/en-us/powershell/exchange/connect-to-exchange-online-powershell?view=exchange-ps
  2. https://docs.microsoft.com/en-us/office365/servicedescriptions/exchange-online-service-description/exchange-online-limits#message-limits

Azure Autopilot: Unable to delete managed Autopilot devices

Hey guys and girls, hope you are enjoying your weekends. Please do keep a safe distance while you are in public area and wearing your mask.

So while I was doing my lab testing and wanting to remove the device from managed autopilot but it was failed to do so, due to the device were managed by Intune. Below is the error, if you would try to delete the device object from Autopilot.

To resolve this issue, is to remove the device from Intune and then you could able to remove the device from Autopilot.

As you may know that Intune is now no longer to be found in Azure portal, and it has moved to Microsoft Endpoint Manager admin center portal.

Steps to proceed to resolve this issue are;
  1. Access or login with your necessary credential that has permission to enter Microsoft Endpoint Manager admin center
  2. One the left taskbar, Select on Devices
  3. Select platform : Windows
  4. Search for the device name that you would wish to remove
  5. Once the device is found, select on the device and click Delete
  6. For the device to be deleted, will take around 3 to 5 mins
  7. Click on the Refresh, to make sure the device is completely deleted
  8. Once the device object is completely deleted, on the left taskbar select on Devices
  9. Select Enroll Devices
  10. Select Windows enrollment
  11. Select Devices Managed Autopilot
  12. Search for the device and Select the device that you wish to remove
  13. Click Delete and you have successfully delete the device from Autopilot

PowerShell: Unable to delete Stuck Data Leak Policy using “-ForceDeletion”

Hi Guys and girls, hope you all are doing well, and remember to stay safe. Just got the PowerShell check on the command “Remove-DlpCompliancePolicy“, it seems that Microsoft had made some changes to it and had removed the “-ForceDeletion” parameter from the “Remove-DlpCompliancePolicy” command.

Appreciated and thanks to the commenter that ping me on this at one of my older blog post https://sabrinaksy.com/2019/01/04/office-365-security-and-compliance-data-leak-protection-dlp-azure-information-protection-aip-integration-unable-to-delete-dlp-policy/ .

Just to announce that if you would like to remove or delete the stuck DLP policy in Security and Compliance, you would have to raise a ticket to Microsoft and inform them to perform the force deletion at their backend. There are users experience this and it is resolved through Microsoft Support.

 

References

  1. https://docs.microsoft.com/en-us/powershell/module/exchange/remove-dlpcompliancepolicy?view=exchange-ps
  2. https://answers.microsoft.com/en-us/msoffice/forum/all/dlp-policy-stuck-on-deleting/6b7bc384-e330-4ca8-bfdd-f84101f814c8

Intune Azure Portal is Retiring

I think some of you are still not noticing that Intune Azure portal experience will be retiring this coming August, 2020.

In the year 2017, the first time I was experience with Azure portal, well it was the old Azure portal (manage.windows.com), and slowly transition to portal.azure.com and now endpoint.microsoft.com.

So this is how Microsoft Endpoint Manager looks like,

Capture

 

Capture

Do give it out a try for yourself, if you haven’t.

 

Where do I get to know that Intune Azure Portal experience is retiring? When you select Intune in your Azure portal you will notice that is a prompt at the top the the image below,

Capture

Intune is Group Policy Management

Hey guys and girls, sorry about not updating my blog because I have been occupied with work. I feel so bad to break this goal, which is to write every once a week.

So I think my title caught your attention right? You thought that this post is going to be talking nonsense? Hahaha…No! I do still receiving people having misunderstanding what is Intune, its capability and its limitations. I do see quite a lot of blogs are only talking about the wins and lose of Intune and Group Policy Management,  not many in explaining.

Familiar questions that I usually get;

“I thought Intune is a replacement of GPO?”

“Why do we still need to rely on GPO?”

“No,  you are wrong, I saw there is administrative templates in Intune”

I am here to explain it to you properly.

If you took your time to look closely on Intune’s Device configuration categories, you will notice their settings are actually not as complete as GPO for Windows. So seeing something half does not mean it gives you full understanding of Intune capability and limitations until you put yourself and it into experiment or lab testing.

The journey I had with Intune, I would say it was a roller-coaster, I experience its limitations, behavior and good part. Yes, technology keeps changing to ease our daily challenges.

Throughout my experience, I would say that Intune does their job but still not stable enough. I usually have to combine other technology to achieve the work. You might thought of this “Urgh…is lots of work and to keep track on.”, well, if you are creative person, these are your possibilities to your resolutions from stopping you to get that work done.

In conclusion, Intune is not Group Policy Management, but Intune and Group Policy Management can be one (combine) to get your work done.

 

 

 

Azure & PowerShell: Service Plan Information

Hey dudes and ladies! Malaysia Movement Control Order has announce extend till 12th May but with relax conditions. Before the announcement, there was a decrease in number of reported cases and we had hope that there won’t be another extend announcement. However, the reported cases increases. Anyway, hope you guys are doing good at home, to those are infected by Covid-19, hope rapid recovery and to those are getting racism attack or getting criticism from past infection, hope you don’t hurt yourself which is not your fault.

Have you ever have customers that wanting to disable certain service plans in subscription or license? Are you going to manually click person by person to disable? Of course not! Things like these is best to use PowerShell, you could even generate/export a report.

Note:

  1. Don’t call Microsoft Support to identify your service plans because they have no idea and they most likely don’t take your case. Trust me I been there.

 

There are 2 type of command library you could use to extract these information either Azure AD PowerShell or MSOnline PowerShell. Play around with the service get to know which is the service that it belongs to and which service has dependency.

Below the list of service plans for Office 365 Enterprise E3 and E5;

  • I grab the below information using MSOnline PowerShell, this was during the year 2017. I will post up a new update.
Office 365 Enterprise E3
-------------------------
Deskless
FLOW_O365_P3
POWERAPPS_O365_P3
TEAMS1
ADALLOM_S_O365
EQUIVIO_ANALYTICS
LOCKBOX_ENTERPRISE
EXCHANGE_ANALYTICS
SWAY
ATP_ENTERPRISE
MCOEV
MCOMEETADV
BI_AZURE_P2
INTUNE_O365
PROJECTWORKMANAGEMENT
RMS_S_ENTERPRISE
YAMMER_ENTERPRISE
OFFICESUBSCRIPTION
MCOSTANDARD
EXCHANGE_S_ENTERPRISE
SHAREPOINTENTERPRISE
SHAREPOINTWAC

Office 365 Enterprise E5
-------------------------
Deskless (StaffHub)
FLOW_O365_P2 (Flow)
POWERAPPS_O365_P2 (PowerAPPS)
TEAMS1 (MsTeams)
PROJECTWORKMANAGEMENT (Planner)
SWAY (Sway)
INTUNE_O365 (Mobile Device)
YAMMER_ENTERPRISE (Yammer)
RMS_S_ENTERPRISE (Azure Right management)
OFFICESUBSCRIPTION (O365ProPlus)
MCOSTANDARD (Skype For Business)
SHAREPOINTWAC (Office Online)
SHAREPOINTENTERPRISE (SharePoint Online)
EXCHANGE_S_ENTERPRISE (Exchange Online)

Below Microsoft 365 Enterprise E5 using Azure PowerShell;

*the list is too long so I’m just going to show partial only.

Capture

This below is using the MSOnline Powershell;

Capture

 

References:

  1. https://docs.microsoft.com/en-us/office365/enterprise/powershell/view-account-license-and-service-details-with-office-365-powershell
  2. https://docs.microsoft.com/en-us/powershell/module/msonline/get-msolaccountsku?view=azureadps-1.0

 

 

Azure Storage & Office 365 Import PST: Troubleshoot Error “HttpStatusMessage: Bad request”

Hey guys and girls, just hope everyone are good during this Covid-19, movement control. Those that are hospitalize, hope that you recover. Those that have recovered, hope that you don’t face any criticism from others and not fall for Covid-19 again.

Well for IT field workers, our work still continues. In my lab environment, I was testing out Office 365 Import PST feature in Security and Compliance. Personally I feel this is a good feature but there is too much manual work on it.

Note:

Using network upload to import PST files is free.

Check out license plan to have this import feature at the reference below.

So just a brief explanation of what I was performing, in the Office 365 Import PST has 2 option for us on how we want to upload the PST, either network upload (free) or physical (Charges). I choose network upload to upload my PST, it require to use AzCopy command to run the upload. I have a PST that the size is more than 1 GB, and the upload failed with the following error message on the AzCopy console shows “HttpStatusMessage: This request is not authorized to perform this operation using this permission.

At first I thought that there could be limitation on the upload size, due to the given Azure Storage is temporary only. Looking through the documentation it didn’t state any upload limitation. Hence, further research.

The resolution to this was to disable the ATP agent that was in my lab PC, to prevent blocking the upload. Rerun the AzCopy command again to reupload the PST.

If you have any third party or applications that has network control or ATP functionality, would recommend that you disable to avoid this problem happen to you.

 

References:

  1. https://docs.microsoft.com/en-us/microsoft-365/compliance/faqimporting-pst-files-to-office-365?view=o365-worldwide
  2. https://www.microsoft.com/en-us/microsoft-365/business/compare-more-office-365-for-business-plans